
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 

Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 223 1 3- 1 450 
www.uspto.gov 



APPLICATION NO. 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. 


CONFIRMATION NO. 


10/734,846 


12/12/2003 


Manjeri Ramanathan Dharmarajan 


JP920030198US1 


1981 



39903 7590 12/18/2007 

IBM ENDICOTT (ANTHONY ENGLAND) 
LAW OFFICE OF ANTHONY ENGLAND 
PO Box 5307 
AUSTIN, TX 78763-5307 



EXAMINER 



ALMEIDA, DEVIN E 



ART UNIT 



2132 



PAPER NUMBER 



MAIL DATE 



DELIVERY MODE 



12/18/2007 PAPER 

Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



Office Action Summary 


Application No. 

10/734,846 


Applicant(s) 

DHARMARAJAN, MANJERI. 
RAMANATHAN 


Examiner 

1— AMI ■ II 1 IV 1 

Devin Almeida 


Art Unit 

2132 





-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after t he mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)S Responsive to communication(s) filed on 17 October 2007 . 
2a)D This action is FINAL. 2b)K This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) S Claim(s) 1-10 and 18-35 is/are pending in the application, 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [3 Claim(s) 1-10 and 18-35 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

Certified copiies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1 ) Q Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 5 ) D Notice of informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 



U.S. Patent and Trademark Off be 
PTOL-326 (Rev. 08-06) 



Office Action Summary 



Part of Paper No ./Mail Date 20071 210 



Application/Control Number: Page 2 

10/734,846 

Art Unit: 2132 

DETAILED ACTION 

This action is in response to the papers filed 10/17/2007. 

Response to Arguments 

Applicant's arguments with respect to the password generator is time dependent 
but not in the particular fashion taught by Guski are not persuasive. Guski teaches the 
password is valid for a predetermined time interval. 

Applicant's arguments with respect to claim 1 are not persuasive. Guski teaches 
"receiving said first application name again by the password generator at a second time 
and generating a second instance of the first password for said first application by the 
password generator, wherein the generating of the second instance of the first password is 
based on at least said first application name received at the second time and based on said 
single key, and the generated first password is identical in its first and second instance if 
a time interval has been user specified but not elapsed between the first and second times 
and if no time interval has been user specified for the first and second instances (see 
column 6 lines 61 - column 7 line 3 teaches that the password is valid for a 
predetermined time interval and after that interval a new password has to be generated to 
get access)." The Applicant is reminded that there is two ways to reject to that part of 
claim 1. The first way is the generated first password is identical in its first and second 
instance if no time interval has been user specified for the first and second instances. The 
second way is the generated first password is identical in its first and second instance if a 
time interval has been user specified but not elapsed between the first and second times. 
Applicant is also reminded that the password can be generated from more then just the 
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first application name and based on said single key since the claim states "at least said 
first application name received at the second time and based on said single key". Guski 
teaches the password is valid for a predetermined time interval (see column 6 lines 61 - 
column 7 line 3 teaches that the password is valid for a predetermined time interval and 
after that interval a new password has to be generated to get access. 

Applicant's arguments with respect to claim 2 are not persuasive. Guski teaches 
different inputs to the password generator generate different passwords (see column 8 
line 26 - column 10 line 3). 

Applicant's arguments with respect to claim 2 are not persuasive. Guski teaches 
the password is valid for a predetermined time interval. 

Claim Rejections - 35 USC §112 
Claims 1-3, 18-20, and 27-29 are also indefinite because according to the remarks 
on page 12 in trying to claim two different embodiments of the present invention in one 
claim which make the claim indefinite because if is unclear as to whether the password is 
time depend or not. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 



Application/Control Number: Page 4 

10/734,846 

Art Unit: 2132 

Claim 1-5, 10, 18-22, 26-31 and 35 rejected under 35 U.S.C. 102(a) as being 
anticipated by Guski et al. (U.S. Patent # 5,592,553). Guski teaches everything with 
respect to claims 1,18 and 27, a method of generating a password for at least one 
application using a single key, said method comprising the steps of: receiving said single 
key (see figure 3 element 306) by a password generator (see figure 3 element 300 and 
column 6 lines 20-41); receiving a first application name by a password generator at a 
first time, wherein the first application name is associated with a first application (see 
figure 3 element 304 and column 6 lines 20-41); generating a first instance of a first 
password for said first application by the password generator, wherein the generator of 
the first password is, based on at least said said first application name received at the first 
time and based on said single key (see figure 3 element 310 and column 6 lines 20-41); 
receiving said first application name again by the password generator at a second time 
(see column 6 lines 20-41, column 6 lines 61 - column 7 line 3 and column 8 line 26 - 
column 9 line 21); and generating a second instance of the first password for said first 
application by the password generator, wherein the generating of the second instance of 
the first password is based on at least said first application name received at the second 
time and based on said single key, and the generated first password is identical in its first 
and second instance if a time interval has been user specified but not elapsed between the 
first and second times and if no time interval has been user specified for the first and 
second instances (see column 6 lines 61 - column 7 line 3 teaches that the password is 
valid for a predetermined time interval and after that interval a new password has to be 
generated to get access). 
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With respect to claims 2, 19 and 28, receiving a second application name by a 
password generator at a third time, wherein the second application name is different than 
the first application name and is associated with a second application; generating a first 
instance of a second password for said second application by the password generator, 
wherein the generating of the first instance of the second password is based on said 
second application name received at the third time and based on said single key, wherein 
the second password is different than the first password; (see column 6 lines 20-41 and 
column 8 line 26 - column 9 line 21 i.e. it's inherent to generate multiple passwords 
because the generator takes the application ID and different application ID gives you 
different password); receiving said second application name again at a forth time by the 
password generator (see column 6 lines 20-41, column 6 lines 61 - column 7 line 3 and 
column 8 line 26 - column 9 line 21); and generating a second instance of the second 
password for said first application by the password generator, wherein the generating of 
the second instance of the second password is based on at least said second application 
name received at the fourth time and based on said single key, and the generated second 
password is identical in its first and second instance if no time interval has been user 
specified for the first and second instances or if a time interval has been user specified but 
not elapsed between the third ans fourth times (see column 6 lines 61 - column 7 line 3 
teaches that the password is valid for a predetermined time interval and after that interval 
a new password has to be generated to get access). 

With respect to claims 3, 20 and 29, receiving a user specified time interval by the 
password generator idicating an interval during which the password generator is to 
produce identical instances of the first password for identical instances of the received 
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first application name and single key; and (see figure 3 element 304 and column 6 lines 
20-41); generating a third instance of a first password responsive to receiving said 
application name at a time after expiration of the interval wherein in the third instance the 
generated first password is different then the first and second instance of the password, 
even though the application name received for generating the third instance of the first 
password is identical to the application name received at the first and second times (see 
column 6 lines 61 - column 7 line 3 teaches that the password is valid for a 
predetermined time interval and after that interval a new password has to be generated to 
get access). 

With respect to claims 4, 21 and 30, receiving first password constraints for said 
first password; wherein generating said first password is further based on said first 
password constraints (see column 8 line 26 - column 9 line 21). 

With respect to claims 5, 22, and 31, wherein generating said first password 
utilises at least one encryption technique selected from the group of encryption 
techniques consisting of Block Addition, International Data Encryption Algorithm 
(IDEA), BLOWFISH, Software-optimized Encryption Algorithm (SEAL), RC4, Data 
Encryption Standard (DES), and RSA (see column 8 lines 53-67). 

With respect to claim 10, wherein said first application is selected from the group 
of applications consisting of bank account, Internet email account, Internet website, and 
computer account (see column 1 lines 16-29). 



Claim Rejections - 35 USC §103 



Application/Control Number: Page 7 

10/734,846 

Art Unit: 2132 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claim 6-9, 23-26, and 32-35 rejected under 35 U.S.C. 103(a) as being 
unpatentable over Guski et al. (U.S. Patent # 5,592,553) in view of well-known practices 
in the art. Guski teaches everything with respect to claim 1,18 and 27 above but does not 
teach with respect to claims 6, 23 and 32, generating a first userid for said first 
application, based on at least said single key and said first application name. It is well 
known in the art that generating a first userid for said first application, based on at least 
said single key and said first application name and Official Notice is taken. Guski already 
teaches generating a password based on single key and said first application name (see 
figure 3 element 310 and column 6 lines 20-41). It would have been obvious at the time 
the invention was made to a person having ordinary skill in the art to which said subject 
matter pertains to have generated a unique ID for an application based on a key and an 
application name to make it harder for a third party to intercept and guess the user ED. 
Therefore one would have been motivated to have included generating a user ID. 

With respect to claims 7, 24 and 33, receiving a first userid time period; wherein 
generating said first userid is further based on said time period (see figure 3 element 308 
and column 6 lines 20-41). 
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With respect to claims 8, 25 and 34, receiving first userid constraints for said first 
userid; wherein generating said first password is further based on said first userid 
constraints (see column 7 line 58 - column 8 line 6 and column 8 line 26 - column 9). 

With respect to claims 9, 26, and 35, wherein generating said first password 
utilises at least one encryption technique selected from the group of encryption 
techniques consisting of Block Addition, International Data Encryption Algorithm 
(IDEA), BLOWFISH, Software-optimized Encryption Algorithm (SEAL), RC4, Data 
Encryption Standard (DES), and RSA (see column 6 lines 20-34). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Devin Almeida whose telephone number is 571-270- 
1018. The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 
5:00 P.M. The examiner can also be reached on alternate Fridays from 7:30 A.M. to 4:00 
P.M. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, can be reached on 571-272-3799. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
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more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 



Devin Almeida 
Patent Examiner 
12/10/2007 





